Formalization and Certification of Languages, Tools and Systems

Overview

Higher-order strongly typed programming languages such
as Objective
Caml help improving the quality of software development. Static typing
automatically detects possible execution errors. Higher-order
functions, polymorphism, modules and functors are powerful tools for
the development of generic reusable libraries. Our general goal is to
enrich such a software environment with a language of annotations as
well as libraries for data types, abstract notions and associated
theorems which can express logical properties of programs and ease the
possibility to automatically and interactively develop proofs of
correctness of the programs.
In the past, we made contributions to the Coq proof assistant by
adding features for improving the development of formally
proved functional programs. A first contribution is a new method to
extract Ocaml modular code from Coq proofs
(P. Letouzey's PhD thesis). This extraction
mechanism is an original feature for the Coq system, and has been
used by several teams around the world in order to get efficient
certified code. Another contribution
(M. Sozeau's PhD thesis) is an
extension of the Coq input language for building programs with
strong specifications by writing only the computational part and
generating proof obligations separately (which are usually solved by
tactics) and also a mechanism generalizing Type Classes à la Haskell
which gives overloading in programs and proofs and facilitates the
development of generic tactics.

Our current activities mainly focus on
using the capability of the Coq system to model both
computation and deduction in order to explore different classes of
applications. These examples involve the development of large reusable
Coq libraries and suggest domain-specific specification and proof
strategies.

Randomized algorithms

We proposed a method for modeling probabilistic programs in
Coq. The method is based on a monadic
interpretation of probabilistic programs as probability measures. It is available as a
Coq library ALEA.
This library has been used in an environment Certicrypt for the interactive development of formal proofs for computational cryptography.

Floating-point programs

A high-level of guarantee on floating-point computations is obtained by formal proofs in Coq. We
maintain and develop large Coq libraries (such as
Flocq
and PFF) for
floating-point arithmetic: core definitions, axiomatic and
computational rounding operations, high-level properties. They provide
a framework for developers to formally certify numerical applications.
More details can be found
here.

Real analysis

We have worked on easing proofs of differentiability and integrability
in Coq. The use case was the existence of a solution to the wave
equation thanks to D'Alembert's formula; the goal was to automate the
process as much as possible. Our approach is based on the pervasive
use of total functions. We aim at creating
a modern formalization
of the real numbers in Coq, with a focus on practicality. This is
sorely needed to ease the verification of numerical applications,
especially those involving advanced mathematics.

Certification of tools

Certifying the result of tools for analysing programs is a good
challenge in the domain of proofs of higher-order functional programs.

The proof assistant Coq can be used to certify the result of automated
deduction tools. We developed a certified version of the kernel of
the alt-ergo theorem prover (S. Lescuyer PhD thesis). We are also
developing a library Coccinelle for reasoning on termination of term rewriting
systems. These results are described
here.

We are also currently developing a certified version the Frama-C/Jessie/Why verification chain.

Contribution to functional programming

We develop several advanced tools in Objective Caml, some specific to
our research objectives but some of a more general purpose which we
distribute as open-source libraries.

Bibtex2html is a generator of HTML pages of bibliographic references distributed as open source since 1997.
We estimate that between 10000 and 100000 web pages have been generated using Bibtex2html.

We designed and
implemented Ocamlgraph, a
highly generic graph library for the programming language Ocaml. This
library features a large set of graph data structures - directed or
undirected, with or without labels on vertices and edges, as
persistent or mutable data structures, etc. - and a large set of graph
algorithms. Algorithms are written independently from graph data
structures, which allows combining user data structure
(resp. algorithm) with Ocamlgraph algorithm (resp. data structure).

We supervised the design
of Ocamlviz funded
by Jane Street Capital within the framework of Jane Street Summer
Project. The key idea of Ocamlviz is the ability to instrument an
existing code, in real time, with lightweight monitoring
annotations. Ocamlviz can also be used as a debugging tool.

We proposed efficient
functional implementations of data-structures such as persistent
arrays and ropes (see here for more information).

Software developments

Coq libraries

Coquelicot
is a Coq library dedicated to real analysis:
differentiation, integration, and so on. It is a conservative
extension of the standard library of Coq, but with a strong focus
on usability.

Flocq (Floats for Coq)
is a formalization of floating-point arithmetic for the Coq system.
It provides a comprehensive library of theorems on a multi-radix
multi-precision arithmetic; it also supports efficient numerical
computations inside Coq.

PFF
is a Coq
formalization of floating-point arithmetic with high-level
definitions and high-level properties. It is now subsumed by the
Flocq library.